Malicious software is a continuing problem for all computer systems. Of particular concern is the ability of malicious software to persist after the computer system is rebooted, by making changes to persistent storage, such as hard disks or flash memory, such that when the computer system is rebooted, these changes ensure the reloading of the malicious software.
Although a computer which boots from Read Only Memory (ROM) can solve this problem, it introduces other problems because the boot software (bootloader and/or operating system) cannot be patched or upgraded to address shortcomings such as bugs or security vulnerabilities. In practice, therefore, computers do not boot from true ROM, although they may in some cases boot from a “programmable ROM” (PROM) or “field programmable ROM” (FPROM). Programmable ROMs differ from standard ROM because data in a PROM is programmed after manufacture. In practice, PROMs are a form of persistent storage.
One attempt to solve the problem of persistent malicious software is described in US patent application US 2011/0035808. The method describes the use of a custom storage controller which prevents a computer system from making changes to a boot image in order to avoid the possibility of malware persistence following a reboot. US 2011/0035808 then describes a mechanism whereby that computer system can make changes to the boot image under certain circumstances, subject to the insertion of a physical cryptographic token. Embodiments of the invention described herein do not permit this, but provide instead a mechanism whereby changes to the boot image can be made by a second computer system which connects to the storage controller independently of the first computer system.
Another attempt to solve the problem is described in U.S. Pat. No. 6,546,489. This describes booting a host computer using a disk drive coupled to the host computer. The disk drive asserts a signal to place the processor of the host computer in an inactive state in which the host processor cannot access its memory. The disk drive then writes a template for booting the host computer to the host processor's memory from a protected area of the disk drive. The disk drive then de-asserts the signal, allowing the host processor to boot from the host memory array. According to this method, any legitimate changes to the boot image stored in the protected area of the disk must be made by software running on the host computer. There must therefore exist a state of the host computer in which changes to the boot image can be made, and a malicious user could in principle use malicious software to generate that state and change the boot image. Embodiments of the invention do not permit this, but provide instead a mechanism whereby changes to the boot image can be made by a second computer system which connects to the storage controller independently of the first computer system.
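The distinction drawn in the two preceding paragraphs is between a boot store that the host can modify in some state (the US 6,546,489 model) and one that accepts modifications only from a separate management path. The following model is an added illustration and is not code from any of the cited patents; the class names, the `HOST`/`MGMT` request sources, the "update mode" flag and the SHA-256 known-good digest are all assumptions chosen to make the policy difference concrete.

```python
import hashlib
from dataclasses import dataclass, field

# Request sources (hypothetical labels for the two access paths).
HOST = "host"          # the computer system that boots from the image
MGMT = "management"    # an independent second system connected to the controller


def digest(data: bytes) -> bytes:
    """Known-good reference for a boot image (SHA-256 chosen for this model)."""
    return hashlib.sha256(data).digest()


@dataclass
class HostUpdatableStore:
    """Model of a store the host itself may rewrite once it enters an update state.

    This mirrors the weakness described for the disk-drive approach: a reachable
    host state exists in which the boot image is writable, so software running on
    the host in that state can change what is loaded at the next boot.
    """
    image: bytes
    known_good: bytes = field(init=False)
    update_mode: bool = False
    log: list = field(default_factory=list)

    def __post_init__(self) -> None:
        self.known_good = digest(self.image)

    def enter_update_mode(self, source: str) -> None:
        # The host can put itself into the writable state; nothing external gates it.
        if source == HOST:
            self.update_mode = True

    def write(self, source: str, new_image: bytes) -> bool:
        if source == HOST and not self.update_mode:
            self.log.append("rejected: host write outside update mode")
            return False
        self.image = new_image
        self.known_good = digest(new_image)   # the store has no independent reference
        self.log.append(f"accepted write from {source}")
        return True


@dataclass
class ManagementGatedStore:
    """Model of a store whose boot image is writable only via the management path.

    No host request, in any host state, changes the image; the host can only read it.
    """
    image: bytes
    known_good: bytes = field(init=False)
    log: list = field(default_factory=list)

    def __post_init__(self) -> None:
        self.known_good = digest(self.image)

    def write(self, source: str, new_image: bytes) -> bool:
        if source != MGMT:
            self.log.append(f"rejected: write from {source} is never permitted")
            return False
        self.image = new_image
        self.known_good = digest(new_image)
        self.log.append("accepted write from management")
        return True

    def boot_image_is_known_good(self) -> bool:
        """What the host reads at boot must match the reference set via management."""
        return digest(self.image) == self.known_good


def host_can_persist_change(store, tampered: bytes) -> bool:
    """Return True if a host-originated write survives to the next boot."""
    if hasattr(store, "enter_update_mode"):
        store.enter_update_mode(HOST)   # malware reaching the writable host state
    store.write(HOST, tampered)
    return store.image == tampered


# Constructed sample images (not real boot data).
ORIGINAL = b"bootloader-v1"
TAMPERED = b"bootloader-v1+implant"

if __name__ == "__main__":
    weak = HostUpdatableStore(ORIGINAL)
    strong = ManagementGatedStore(ORIGINAL)
    print("host-updatable store persists host change:", host_can_persist_change(weak, TAMPERED))
    print("management-gated store persists host change:", host_can_persist_change(strong, TAMPERED))
    print("management update accepted:", strong.write(MGMT, b"bootloader-v2"))
```

Run as a script, the model reports `True` for the host-updatable store and `False` for the management-gated one, while a legitimate update through the management path still succeeds; the `log` lists on each store record the decision taken for every request.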
U.S. Pat. No. 7,293,165 describes systems in which a server with a CPU also includes an autonomously operating baseboard management controller (BMC) which communicates with the CPU over an LPC bus. The BMC includes storage which stores the system BIOS, and a bus interface which decodes and responds to bus access requests, including requests with a memory address range associated with boot operations. When the CPU makes a request with an address range associated with boot operations, the bus interface forwards the request to a memory interface which reads the system BIOS from the storage and returns the system BIOS over the bus. The storage is implemented as SRAM, and the system BIOS can be patched and updated by a remote computer over a network interface. However, there is no consideration of how to ensure that the CPU can revert to a known good state.